Saving Text to MySQL

Hi

I have a small form where users can comment on some articles on the web
site.
But to prevent abuse I want the form to save the comments and email it to me
to review.

But that means that the user can still abuse the form itself or cause
Query/SQL problems (with special characters, for example).

So how would I save ANY text to the database? And if I have to convert the
text how do I retrieve it correctly?

For example if the user enters "This is a quote, 'hello world'" how should I
handle special characters?
Would you advise me to handle all my text fields the same way to prevent
abuse/hacking?

And how should I protect my fields against hacking?

Many thanks
Sims
Jul 17 '05 #1
*** Sims wrote (Wed, 5 May 2004 11:20:29 +0100):
> So how would I save ANY text to the database?


Usage: string mysql_escape_string ( string unescaped_string )

Purpose: Escapes a string for use in a mysql_query.
Availability: PHP 4 >= 4.0.3

--
Álvaro G. Vicario - Burgos, Spain
Jul 17 '05 #2
"Sims" <si*********@hotmail.com> wrote in
news:c7************@ID-162430.news.uni-berlin.de:
> So how would I save ANY text to the database? And if I have to convert
> the text how do I retrieve it correctly?
>
> For example if the user enters "This is a quote, 'hello world'" how
> should I handle special characters?


What I have been doing is urlencode(stripslashes($_POST['field'])) for
storing and urldecode($row['field']) for displaying.

Ken Robinson
Jul 17 '05 #3
